Summary: Differences between 9.3 and later versions
jcarroll65 at cfl.rr.com
jcarroll65 at cfl.rr.com
Tue Feb 23 15:22:17 UTC 2010
This mailing list rocks.
Many thanks to Stephane Bortzmeyer and Jay Ford. Both where spot on with "allow-query". Now BIND 9.7 resolves to the outside.
JC
---- jcarroll65 at cfl.rr.com wrote:
> Please do not crucify me.
>
> Due to an security audit I have been given the task of upgrading our BIND from 9.3 to a new version (9.7 is preferred). Using the package from sunfreeware.com (Solaris 10/X86) the upgrade seem to work well. However, whenever someone tries to nslookup (or dig) an external site (i.e. cnn.com) they get REFUSED. If I back down to the 9.3 version all is well. I've tried to find what new security feature is required, but alas I can't seem to get it. What changes affect resolving outside sites?
>
> JC
More information about the bind-users
mailing list